/*
 * Copyright 2016-2018 TVI Go Easy.
 * Created on 2018/1/23 11:11
 */
package com.tvi.cloud.oauth2.config;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;

/**
 * 请在此写下该类的说明
 *
 * @author mechanic
 */
@Configuration
public class TokenStoreConfiguration {

    @Value("{jwt.signing-key}")
    private String jwtSigningKey;

    @Bean
    public TokenStore tokenStore (){
        return new JwtTokenStore(jwtAccessTokenConverter());
    }

    @Bean
    @Primary //@Primary 注解被用来告诉 Spring，如果有一个以上特定类型(像 DefaultTokenService)的 bean，使用标记为 @Primary 的 bean 类型进行自动注入。
    public DefaultTokenServices tokenServices() {
        DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setTokenStore(tokenStore());
        defaultTokenServices.setSupportRefreshToken(true);
        return defaultTokenServices;
    }

    /**
     * JWT 到 OAuth2 服务器之间的转换器
     */
    @Bean
    public JwtAccessTokenConverter jwtAccessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setSigningKey("33JDJ8T93YKJD823");
//        converter.setSigningKey(jwtSigningKey);
        return converter;
    }

    @Bean
    public TokenEnhancer tokenEnhancer(){
        return new JWTTokenEnhancer();
    }
}
